- Joined
- 3 Nov 2010
- Messages
- 28,071
- Solutions
- 9
- Reaction score
- 38,870
Introducing Kernel Data Protection, a new platform security technology for preventing data corruption - Microsoft Security
Kernel Data Protection (KDP) is a new technology that prevents data corruption attacks by protecting parts of the Windows kernel and drivers through virtualization-based security (VBS). KDP is a set of APIs that provide the ability to mark some kernel memory as read-only, preventing attackers from ever modifying protected memory. For example, we’ve seen attackers use signed but vulnerable drivers to attack policy data structures and install a malicious, unsigned driver. KDP mitigates such attacks by ensuring that policy data structures cannot be tampered with.